Reply to post: Re: Card Payments

Shut the front door: Jewson 'fesses up to data breach

tiggity Silver badge

Re: Card Payments

Some of those can be vulnerable.

Everyone should really be moving to TLS 1.2 by next year at the latest to mitigate against some nasty weaknesses

https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls

Most of the payment companies told people about this a while ago.

Even using third parties, there are issues, e.g. if using an API where Jewson have some form of token for a card, if tokens can be grabbed, & credentials to communicate with 3rd party, then can get card details using token in API calls. Details would vary depending what was originally stored, number will be available.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021